Who We're Looking For (Position Overview):

Spry Methods is looking for Cybersecurity Specialists to support the Department of Homeland Security (DHS) Cybersecurity Program. The specialist will assist in cyber security management, oversight, and customer support for maintaining the continuity of DHS systems ensuring compliance with DHS, National Institute of Standards and Technology (NIST), and other applicable Federal standards. Specifically, this position will provide ISSO support. This position is hybrid, in which on-site support is required when conducting classified ISSO support, and remote for unclassified systems.

What Your Day-To-Day Looks Like (Position Responsibilities):

• Conducting research, analysis and providing recommendations on current Government and industry information technology (IT) security best practices, standards, and requirements; 
• Providing services supporting the Information Technology Systems Security (ITSS) program for DHS’s systems and tools to include Unclassified Local Area Network, Homeland Secure Data Network, and Joint Worldwide Intelligence Communications System solutions; 
• Supporting IT security audits; 
• Supporting Authority to Operate/On-going Authorizations; 
• Ensuring compliance with DHS security requirements across the components portfolio of systems including engaging with various contractors and government personnel to maintain a robust security posture; and
• Providing any other tasks as requested.

What You Need to Succeed (Minimum Requirements):

• TS/SCI Clearance
• Bachelor’s degree, eight (8) years of experience with FISMA compliance and eight (8) years of ISSO and Security Assessment and Authorization experience in unclassified environments 
• Five (5) years of FISMA compliance, and five (5) years of ISSO and SA&A experience in classified environments. 
• Experience with assisting in the design, development, and implementation of security solutions for a variety of systems. 
• Experience performing complex risk analysis, and establishing information security requirements based upon policy, regulation and resource demands
• Experience with the following activities:
• Security Operations Center (SOC) services
• Vulnerability scanning and assessments utilizing NESSUS and AppDetective
• Applications hosted in a Data Center and Cloud environments
• Leading tabletop exercises for disaster recovery planning as well as experience leading actual failover and failback exercises in support of disaster recovery planning in both a classified and unclassified environment
• Experience with Information Assurance Compliance System (IACS) software tool

Ideally, You Also Have (Preferred Qualifications):

• Systems Security Plan
• Security Operating Procedures
• Authorized User List
• Training and Awareness Documentation
• Information Security Incident Reports
• Risk Assessment
• Contingency Plan
• Interconnection Security Agreements
• Memorandum of Understanding/Agreement
• Privacy Threshold Analysis
• Privacy Impact Analysis
• FIPS 199
• Experience migrating systems from NIST SP 800-53 Rev 4 to Rev 5
• Experience with FISMA Scorecards

#CJ